Amendments to the Claims: 

This listing of claims will replace all prior versions, and listings, of claims in the application: 
Listing of Claims: 

1. (Currently Amended) A system for secure data storage and retrieval comprising:
a network-attached storage device for storing encrypted data; 

means at a client device for encrypting data prior to writing sending data blocks to at said 
network-attached storage device, said encrypting means employing encryption capable of 
protecting confidentiality and integrity of individual data blocks against modification, relocation 
and replay for each data block written sent to said network-attached storage device; 

means for generating an integrity value corresponding to one or more data blocks, said 
integrity value comprising information for preventing modification, relocation and replay of data 
for each data block written sent to said network-attached storage device; 

means for storing said integrity values of one or more written data blocks; 

means at said client device for receiving and decrypting said encrypted data blocks 
received accessed from said network-attached storage device; and, 

means for performing an integrity check at said client device utilizing stored integrity 
values corresponding to one or more stored said data blocks received from said network-attached 
storage device being accessed, wherein said integrity check protects the integrity of data blocks 
contents stored in said network-attached storage device. 

2. (Original) The system as claimed in Claim 1, wherein said encryption means generates 
encrypted cipher text data blocks that are a function of plaintext data included in said data 
block and a first encryption key. 

3. (Original) The system as claimed in Claim 2, wherein said encryption means 
implements a whitening value which is a function of a second encryption key, an address 
location for said storage block, and a version number indicating a block write increment, said 
encryption means further generating cipher text data blocks that are additionally a function of 
said whitening value. 

4. (Original) The system as claimed in Claim 2, wherein said encryption means employs 
an algorithm including one selected from DES or AES encryption schemes. 

5. (Original) The system as claimed in Claim 3, wherein said means for storing said 
integrity values of written data blocks further includes means for generating an integrity tree 
structure, said integrity tree structure storing integrity values corresponding to each disk 
block written to said storage device. 

6. (Original) The system as claimed in Claim 5, wherein said integrity tree comprises a 
hierarchical data structure, said hierarchical data structure including two or more layers of 
integrity data structures, each successive layer of integrity data structures including meta-data 
protecting integrity of data at an immediate prior layer. 

7. (Original) The system as claimed in Claim 6, wherein said hierarchical data structure 
includes said written encrypted data blocks at a first layer, and a succeeding layer of meta- 
data blocks, each meta-data block including data structures representing a plurality of disk 
blocks written at said first layer, each meta-data block data structure comprising an integrity 
value and a version number pair for each of said plurality of disk blocks. 

8. (Original) The system as claimed in Claim 7, wherein said integrity tree includes a 
succeeding layer of higher level meta-data blocks for protecting a layer of meta-data blocks 
below, each higher level meta-data block comprising data structures representing a plurality 
of meta-data blocks, each higher level meta-data block data structure comprising an integrity 
value and version number pair generated for each of said plurality of meta-data blocks. 

9. (Original) The system as claimed in Claim 6, wherein a top layer of said hierarchical 
data structure includes a root data structure for protecting integrity of all content written to 
said storage device. 

10. (Original) The system as claimed in Claim 9, further comprising means for writing a 
data block to said storage device, said writing comprising means for updating a written data 
block's version number and checksum in the associated meta-data blocks, wherein updates to 
checksum and version number values are performed at each successive meta-data layer 
corresponding to said written data block, including updating performed at said root data 
structure. 

11. (Original) The system as claimed in Claim 9, wherein said means for performing an 
integrity check comprises means comparing integrity of data blocks to be read on a path from 
said root data structure via successive higher meta-data blocks and meta-data block layers 
until a desired data block at a first layer is read.

12. (Original) The system as claimed in Claim 1, wherein said storage device comprises 
a non-volatile or volatile storage device. 

13. (Original) The system as claimed in Claim 1, wherein said storage device is remotely 
located from said client device, said encrypted blocks being written across a network link.

14. (Currently Amended) A method for secure data storage and retrieval comprising the 
steps of: 

a) encrypting data to be written sent from a client device to a network-attached 
storage device for storing encrypted data, said encrypting utilizing an encryption 
scheme capable of protecting individual data blocks against modification, 
relocation and replay for each data block written sent to said network-attached 
storage device; 

b) generating an integrity value corresponding to one or more written sent data 
blocks, said integrity value comprising information for preventing modification of 
data for each data block written sent to said storage device; 

c) storing said integrity values of one or more written data blocks; 

d) decrypting the encrypted data accessed from said network-attached storage 
device; and, 

e) performing an integrity check utilizing said stored integrity values corresponding 
to one or more stored data blocks being accessed, said integrity check protecting 
the integrity of contents stored in said network-attached storage device. 

15. (Original) The method as claimed in Claim 14, wherein said encrypting data step a) 
includes generating encrypted cipher text data blocks that are a function of plaintext data 
included in said data block and a first encryption key. 

16. (Original) The method as claimed in Claim 15, wherein said encrypting data step a) 
further includes generating a whitening value as a function of a second encryption key, an 
address location for said storage block, and a version number indicating a block write, and 
the generation of cipher text data blocks that are a function of said whitening value. 

17. (Original) The method as claimed in Claim 15, wherein said encrypting step a) 
further employs an algorithm including one selected from DES or AES encryption schemes. 

18. (Original) The method as claimed in Claim 14, wherein said storing step c) further 
includes the step of: generating an integrity tree structure for storing integrity values 
corresponding to each disk block written to said storage device. 

19. (Original) The method as claimed in Claim 18, wherein said integrity tree structure 
comprises a hierarchical data structure, said hierarchical data structure including two or more 
layers of integrity data structures, each successive layer of integrity data structures including 
meta-data protecting integrity of data at an immediate prior layer. 

20. (Original) The method as claimed in Claim 19, further comprising the step of: 
writing encrypted data blocks at a first layer of said hierarchical data structure, and writing a 
succeeding layer of meta-data blocks, each meta-data block including data structures 
representing a plurality of disk blocks written at said first layer, each meta-data block data 
structure comprising an integrity value and a version number pair for each of said plurality of 
disk blocks.

21. (Original) The method as claimed in Claim 20, further comprising the step of: 
writing a succeeding layer of higher level meta-data blocks for protecting a layer of meta- 
data blocks below, each higher level meta-data block comprising data structures representing 
a plurality of meta-data blocks, each higher level meta-data block data structure comprising 
an integrity value and version number pair for each of said plurality of meta-data blocks. 

22. (Original) The method as claimed in Claim 21, further comprising the step of: 
generating a root data structure at a top layer of said hierarchical data structure for protecting 
integrity of all content written to said storage device. 

23. (Original) The method as claimed in Claim 22, further comprising the steps of: 
writing a data block to said storage device, said writing including updating a written data 
block's version number and checksum in the associated meta-data blocks, and, said 
checksum and version number value updating being performed at each successive meta-data 
layer corresponding to said written data block, including updating performed at said root data 
structure. 

24. (Original) The method as claimed in Claim 22, further comprising the step of: 
reading a data block from said storage device, said step e) of performing an integrity check 
including comparing integrity of data blocks to be read on a path from said root data structure 
via successive meta-data block layers until a desired data block is read from said first layer of 
said hierarchical data structure. 

25. (Currently Amended) A program storage device readable by a machine, tangibly 
embodying a program of instructions executable by the machine to perform method steps for 
securely storing and accessing data, said method steps comprising the steps of: 

f) encrypting data to be written sent from a client device to a network-attached 
storage device for storing encrypted data, said encrypting utilizing an encryption 
scheme capable of protecting individual data blocks against modification, 
relocation and replay for each data block written sent to said storage device; 



g) generating an integrity value corresponding to one or more written sent data 
blocks, said integrity value comprising information for preventing modification of 
data for each data block written sent to said network-attached storage device; 

h) storing said integrity values of one or more written sent data blocks; 

i) decrypting the encrypted data accessed from said network-attached storage 
device; and, 

j) performing an integrity check utilizing said stored integrity values corresponding 
to one or more stored data blocks being accessed, said integrity check protecting 
the integrity of contents stored in said network-attached storage device.

26. (Original) The program storage device readable by a machine as claimed in Claim 
25, wherein said encrypting data step a) includes generating encrypted cipher text data blocks 
that are a function of plaintext data included in said data block and a first encryption key. 

27. (Original) The program storage device readable by a machine as claimed in Claim 
25, wherein said encrypting data step a) further includes generating a whitening value as a 
function of a second encryption key, an address location for said storage block, and a version 
number indicating a block write increment, said encrypting step generating cipher text data 
blocks that are additionally a function of said whitening value. 

28. (Original) The program storage device readable by a machine as claimed in Claim 
27, wherein said storing step c) further includes the step of: generating an integrity tree 
structure for storing integrity values corresponding to each disk block written to said storage 
device, said integrity tree structure comprising a hierarchical data structure including two or 
more layers of integrity data structures, each successive layer of integrity data structures 
including meta-data protecting integrity of data at an immediate prior layer.

29. (Original) The program storage device readable by a machine as claimed in Claim 
28, further comprising the step of: writing encrypted data blocks at a first layer of said 
hierarchical data structure, and writing a succeeding layer of meta-data blocks, each meta- 
data block including data structures representing a plurality of disk blocks written at said first 
layer, each meta-data block data structure comprising an integrity value and a version 
number pair for each of said plurality of disk blocks. 

30. (Original) The program storage device readable by a machine as claimed in Claim 
29, further comprising the steps of: writing a succeeding layer of higher level meta-data 
blocks for protecting a layer of meta-data blocks below, each higher level meta-data block 
comprising data structures representing a plurality of meta-data blocks, each higher level 
meta-data block data structure comprising an integrity value and version number pair for 
each of said plurality of meta-data blocks; and, generating a root data structure at a top layer 
of said hierarchical data structure for protecting integrity of all content written to said storage 
device. 

31. (Original) The program storage device readable by a machine as claimed in Claim 
30, further comprising the steps of: writing a data block to said storage device, said writing 
including updating a written data block's version number and checksum in the associated 
meta-data blocks, and, said checksum and version number value updating being performed at 
each successive meta-data layer corresponding to said written data block, including updating 
performed at said root data structure. 

32. (Original) The program storage device readable by a machine as claimed in Claim 
30, further comprising the step of: reading a data block from said storage device, said step e) 
of performing an integrity check including comparing integrity of data blocks to be read on a 
path from said root data structure via successive meta-data block layers until a desired data 
block is read from said first layer of said hierarchical data structure. 
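
Added illustration, not part of the application as filed and not the applicant's implementation: a minimal client for the integrity tree of Claims 5 to 11, with the write path of Claim 10 and the root-to-leaf check of Claim 11. HMAC-SHA256 as the integrity value, the fan-out of 4, the dict standing in for the storage device and all names are assumptions; layer-0 blocks are treated as already-encrypted bytes.

```python
import hashlib
import hmac

# Illustrative names; HMAC-SHA256 is an assumed choice of integrity value.
FANOUT = 4                      # entries per meta-data block (assumed)
EMPTY = (b"\x00" * 32, 0)       # (integrity value, version) of an unwritten child

def integrity_value(key, layer, index, version, data):
    # Keyed checksum bound to position (relocation) and version (replay).
    header = b"%d|%d|%d|" % (layer, index, version)
    return hmac.new(key, header + data, hashlib.sha256).digest()

def pack(meta):
    # Serialise a meta-data block so the layer above can checksum it.
    return b"".join(iv + ver.to_bytes(8, "big") for iv, ver in meta)

class Client:
    def __init__(self, key, height, store):
        self.key, self.height, self.store = key, height, store
        self.root = EMPTY       # the only pair kept in trusted client memory

    def _meta(self, layer, index):
        return list(self.store.get((layer, index), [EMPTY] * FANOUT))

    def write(self, addr, block):
        self.store[(0, addr)] = data = block
        index = addr
        for layer in range(1, self.height + 1):   # update every layer up to the root
            meta = self._meta(layer, index // FANOUT)
            version = meta[index % FANOUT][1] + 1
            meta[index % FANOUT] = (integrity_value(self.key, layer - 1, index, version, data), version)
            index //= FANOUT
            self.store[(layer, index)] = meta
            data = pack(meta)
        version = self.root[1] + 1
        self.root = (integrity_value(self.key, self.height, 0, version, data), version)

    def read(self, addr):
        expected, layer, index = self.root, self.height, 0
        while True:                                # verify on the path from the root down
            node = self.store[(layer, index)]
            data = node if layer == 0 else pack(node)
            tag = integrity_value(self.key, layer, index, expected[1], data)
            if not hmac.compare_digest(tag, expected[0]):
                raise ValueError("integrity check failed at layer %d" % layer)
            if layer == 0:
                return node
            layer -= 1
            index = addr // FANOUT ** layer
            expected = node[index % FANOUT]
```

Because the client holds the root pair, restoring an older but internally consistent copy of the whole store still fails the check at the top layer.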